diff options
author | Christian Poessinger <christian@poessinger.com> | 2022-01-14 20:30:56 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-14 20:30:56 +0100 |
commit | 9aa8e51de06bda0099231f2567dbb83e430faee4 (patch) | |
tree | 1eecd3caba390e300450af400bffee90ed137887 /src/validators/tcp-flag | |
parent | 97472739b4432cdbf8f73275ab00876add071692 (diff) | |
parent | df5a862beb84145dfc8434efde7d7fee783199cf (diff) | |
download | vyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.tar.gz vyos-1x-9aa8e51de06bda0099231f2567dbb83e430faee4.zip |
Merge pull request #1167 from sarthurdev/firewall
firewall: T4178: Use lowercase for TCP flags and add an validator
Diffstat (limited to 'src/validators/tcp-flag')
-rwxr-xr-x | src/validators/tcp-flag | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/src/validators/tcp-flag b/src/validators/tcp-flag new file mode 100755 index 000000000..86ebec189 --- /dev/null +++ b/src/validators/tcp-flag @@ -0,0 +1,19 @@ +#!/usr/bin/python3 + +import sys +import re + +if __name__ == '__main__': + if len(sys.argv)>1: + flags = sys.argv[1].split(",") + + for flag in flags: + if flag and flag[0] == '!': + flag = flag[1:] + if flag.lower() not in ['syn', 'ack', 'rst', 'fin', 'urg', 'psh']: + print(f'Error: {flag} is not a valid TCP flag') + sys.exit(1) + else: + sys.exit(2) + + sys.exit(0) |